CVE-2014-4515
WordPress AnyFont <2.2.3 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in mce_anyfont/dialog.php in the AnyFont plugin 2.2.3 and earlier for WordPress allows remote attackers to inject arbitrary web script or HTML via the text parameter.
Scores
EPSS
0.0017
EPSS Percentile
38.7%
Details
CWE
CWE-79
Status
published
Products (2)
anyfont_plugin_project/anyfont
< 2.2.3
n/a/n/a
Published
Jul 01, 2014
Tracked Since
Feb 18, 2026